<?php
require_once 'base.php';

class Users extends Base {
	
	public function login() {
		$this->render('login');
	}
	
	public function do_login() {
		if (!$this->validate_login_form()) {
			return $this->redirect('/users/login');
		}
		
		$this->load->model('user_model');
		$email = $this->get_param('email');
		
		if (!$this->user_model->exist($email)) {
			$this->add_error_message('No such user');
			return $this->redirect('/users/login');
		}
		
		$user = $this->user_model->get_by_email($email);
		
		if (!$user['enabled']) {
			$this->add_error_message('User is not enabled');
			return $this->redirect('/users/login');
		}
		
		if ($user['password'] 
				!== Security_Manager::get_password_hash($this->get_param('password'))) {
			
			$this->add_error_message('The password is wrong');
			return $this->redirect('/users/login');
		}
		
		Security_Manager::save(array(
				'id' => $user['id'],
				'email' => $user['email'],
				'roles' => $this->user_model->get_roles($user['id'])));
		
		return $this->redirect('/');
	}
	
	public function logout() {
		Security_Manager::remove();
		$this->redirect(Security_Manager::get_redirect_url());
	}
	
	public function signup() {
		$this->render('signup');
	}
	
	public function do_signup() {
		$this->load->model('user_model');
		
		if (!$this->validate_signup_form()) {
			return $this->redirect('/users/signup');
		}
		
		$email = $this->get_param('email');
		
		if ($this->user_model->exist($email)) {
			$this->add_error_message('User already exist');
			return $this->redirect('/users/signup');
		}
		
		$user_id = $this->user_model->save(array(
				'email' => $email,
				'password' => Security_Manager::get_password_hash(
								$this->get_param('password')),
				'phone' => $this->get_param('phone'),
				'name' => $this->get_param('name')));
		$this->user_model->save_role($user_id, 'user');
		
		$this->send_register_notification($user_id, $email);
		
		$this->add_success_message('Successfully singed up. Please confrim
			registratoin code from email');
		return $this->redirect('/users/login'); 
	}
	
	public function confirm_registration($email, $code) {
		$email = urldecode($email);
		$this->load->model('user_model');
		
		if (!$this->user_model->exist($email)) {
			$this->add_error_message('No such user');
			return $this->redirect('/users/signup');
		}
		
		$user = $this->user_model->get_by_email($email);
		
		if ($code != $this->user_model->get_registration_code($user['id'])) {
			$this->add_error_message('Wrong registration code');
			return $this->redirect('/users/signup');
		}
		
		$this->add_success_message('User is activated');
		$this->user_model->activate($user['id']);
		return $this->redirect('/');
	}
	
	/**
	 * Validation function
	 * @param string $str
	 */
	public function password_equals($str) {
		if (!defined('__signup_form_validation__')) {
			return $this->redirect('/errors/error_404');
		}
		
		if ($str !== $this->get_param('rpassword')) {
			$this->form_validation->set_message('password_equals', 
					'The Password field and Repeat Password do not match');
			return false;
		}
		
		return true;
	}
	
	private function validate_signup_form() {
		define('__signup_form_validation__', true);
		$this->form_validation->set_rules(
				'email', 'Email Address', 'required|valid_email');
		$this->form_validation->set_rules(
				'password', 'Password', 'required|min_length[5]|callback_password_equals');
		return $this->form_validation->run();
	}
	
	private function validate_login_form() {
		$this->form_validation->set_rules(
				'email', 'Email Address', 'required|valid_email');
		$this->form_validation->set_rules(
				'password', 'Password', 'required');
		return $this->form_validation->run();
	}
	
	private function send_register_notification($user_id, $user_email) {
		$code = $this->user_model->generate_registration_code($user_id);
		$url = base_url() .'index.php/users/confirm_registration/'
				. urlencode($user_email) .'/'. $code;
		
		$content = '<h3>daruiesc.com - Registration</h3><p>An account with your 
			email <i>'. $user_email .'</i> was registreted on 
			<a href="'. base_url() .'">'. base_url() .'</a> web site.!</p><p>
			If it is you who created the account please confirm the registration
			by following the <a href="'. $url .'">link</a>.</p>';
		
		$this->load->library('email');
		$this->email->from('no-replay@daruiesc.com', 'Administrator');
		$this->email->to($user_email);
		$this->email->subject('Registration confirmation');
		$this->email->message($content);
		$this->email->send();
	}
}